SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozillaFirefox was updated to 52.5.0esr (boo#1068101)
- CVE-2017-7828: Fixed a use-after-free of PressShell while restyling layout
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
Also fixed :
- Correct plugin directory for aarch64 (boo#1061207). The wrapper script was not detecting aarch64 as a 64 bit architecture, thus used /usr/lib/browser-plugins/.
SolutionUpdate the affected MozillaFirefox packages.